Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

issues setting up apache config for reverse proxy #10

Open
KBlixt opened this issue Jan 14, 2019 · 1 comment
Open

issues setting up apache config for reverse proxy #10

KBlixt opened this issue Jan 14, 2019 · 1 comment
Labels
help wanted Issues that need assistance from volunteers

Comments

@KBlixt
Copy link

KBlixt commented Jan 14, 2019

I'm trying to set up a document server behind a apache reverse proxy and I'm really stuck. I've tried the configs that's here: https://helpcenter.onlyoffice.com/server/document/document-server-proxy.aspx but to no avail.
I'll just post my config here and maybe someone can point out what I'm doing wrong... all I'm getting when I'm accessing mysite.com/documents is the default page of nextcloud...

nextcloud is hosted on 192.168.0.100:9999 and onlyoffice is working when accessing it on 192.168.0.100:8888

help :(

<IfModule mod_ssl.c>
	<VirtualHost *:80>
		ServerName mysite.com
		ServerAdmin admin
		
		RewriteEngine On

		ProxyRequests     Off
		ProxyPreserveHost On

		ProxyPass "/" "http://127.0.0.1:9999/"
		ProxyPassReverse "/" "http://127.0.0.1:9999/"

		RewriteEngine On
		RewriteCond %{SERVER_PORT} !443
		#RewriteCond %{REQUEST_URI} !^\/login\/flow
		RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
	</VirtualHost>

	<VirtualHost *:443>
		ServerName mysite.com
		ServerAdmin admin

		SSLCertificateFile /filepath/fullchain.pem
		SSLCertificateKeyFile /filepath/privkey.pem
		Include /etc/letsencrypt/options-ssl-apache.conf

		ProxyRequests     Off
		ProxyPreserveHost On

		ProxyPass "/" "http://127.0.0.1:9999/"
		ProxyPassReverse "/" "http://127.0.0.1:9999/"

		<Location /sabnzbd>
			order deny,allow
			deny from all
			allow from all
			ProxyPass http://localhost:8080/sabnzbd
			ProxyPassReverse http://localhost:8080/sabnzbd
		</Location>

		Define VPATH /documents
		Define DS_ADDRESS 192.168.0.100:8888

		<Location ${VPATH}>
			Require all granted
			SetEnvIf Host "^(.*)$" THE_HOST=$1
			RequestHeader setifempty X-Forwarded-Proto http
			RequestHeader edit X-Forwarded-Host (.*) $1${VPATH}
			ProxyAddHeaders Off
		</Location>

		ProxyPassMatch ^\${VPATH}(.*)(\/websocket)$ "ws://${DS_ADDRESS}/$1$2"
		ProxyPass ${VPATH} "http://${DS_ADDRESS}"
		ProxyPassReverse ${VPATH} "http://${DS_ADDRESS}"

	</VirtualHost>
</IfModule>
@t0rtila t0rtila transferred this issue from ONLYOFFICE/DocumentServer Jan 16, 2019
@t0rtila t0rtila added the help wanted Issues that need assistance from volunteers label Jan 16, 2019
@RolandBBerlin
Copy link

I set up my configuration using a separate (virtual) document server. My nextcloud server is hosting nextcloud, but also performs reverse proxy for the document server.
The socument server has a separate subdomain (documentserver.mydomain) with its own certificate. The document server is set without ssl, so the reverse proxy is handling ssl-encapsulation of requests.
That said, my complete site configuration for the document server looks like this:
('server-address' - public domain name of document server, 'backendserver-address' - address and port by which the proxy server can access the document server).

<VirtualHost *:80>
    ServerAdmin admin
    ServerName server-address

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =server-addres
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin
    ServerName server-address

    SSLEngine on
    SSLCompression off
    SSLHonorCipherOrder on
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4

    SSLProtocol All -SSLv2 -SSLv3
    SSLCompression off
    SSLHonorCipherOrder on

    SetEnvIf Host "^(.*)$" THE_HOST=$1
    RequestHeader setifempty X-Forwarded-Proto https
    RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
    ProxyAddHeaders Off

    ProxyPassMatch (.*)(\/websocket)$ "ws://backendserver-address/$1$2"
    ProxyPass / http://backendserver-address/
    ProxyPassReverse / http://backendserver-address/

    SSLCertificateFile "{{SSL_CERTIFICATE_PATH}}"
    SSLCertificateKeyFile "{{SSL_KEY_PATH}}"
</VirtualHost>

Good luck!
Roland

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Issues that need assistance from volunteers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@KBlixt @t0rtila @RolandBBerlin